fix(client): recover streamable HTTP session on 404 for session-bound requests#1718
Conversation
🦋 Changeset detectedLatest commit: d2d6587 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
@modelcontextprotocol/client
@modelcontextprotocol/server
@modelcontextprotocol/express
@modelcontextprotocol/hono
@modelcontextprotocol/node
commit: |
There was a problem hiding this comment.
Thanks for this. Could we simplify? The spec (Session Management, item 4) says:
When a client receives HTTP 404 in response to a request containing an
MCP-Session-Id, it MUST start a new session by sending a newInitializeRequestwithout a session ID attached.
The transport's piece is "without a session ID attached". Clear _sessionId so the next request omits the header. Client.connect() already handles the re-init when transport.sessionId is undefined (client.ts:497).
Suggested minimal change (both _startOrAuthSse and send, before the existing throw):
if (response.status === 404 && this._sessionId !== undefined) {
this._sessionId = undefined;
}2 participants
Summary
Handle session-expired 404s in
StreamableHTTPClientTransportwhen requests are session-bound.What changed
send()(POST path), when a request is sent withmcp-session-idand receives404:SdkErrortagged withsessionExpired: true_startOrAuthSse()(GET path), apply the same 404 session-expiry handling.@modelcontextprotocol/client.Why
Per MCP session management requirements, a 404 for a request carrying
Mcp-Session-Idindicates an invalid/expired session. The client should not keep sending a stale session ID.Testing
pnpm --filter @modelcontextprotocol/client test -- test/client/streamableHttp.test.tspnpm exec prettier --check packages/client/src/client/streamableHttp.ts packages/client/test/client/streamableHttp.test.ts .changeset/gentle-maps-smile.mdCloses #1708